Snort.org home  
Got Source? About Snort About Sourcefire Snort FAQ
Sourcefire Network Security - the creators of Snort
Snort News Downloads Snort Docs Rules Snort Community Snort Forums Snort Training
Search Ports
Search Rules
Account
email
password
not registered?
user preferences

Snort: Building and Operating the Premier Open Source IDS

Overview:

This two-day class is for those who want to learn how to build a Snort IDS from scratch using many of the open source tools and plug-ins available to help manage, tune and deliver feedback on suspicious activity in your networks. Hands-on labs with fully documented instructions help students construct solid, secure Snort installations and understand the inner workings of the premier open source IDS available today. Students will also learn how to fine tune and configure Snort in addition to creating custom rules and learning techniques for optimizing rules.

Target Audience:

Network Administrators, security administrators, security consultants and those that are responsible for deploying open source Intrusion Detection sensors in their organizations.

Prerequisites:

This course assumes that students have a technical understanding of TCP/IP networking and network architecture. Proficiency with Linux and UNIX text editing tools (vi editor) is suggested, but not required.

Course outline:

  • Introduction to Snort
  • Snort architecture
  • Snort sensor deployment
  • Snort installation
  • Snort configuration and operation
  • Sourcefire rules primer
  • Snort output and analyzing feedback
  • Snort optimization

The Sourcefire Guarantee

Sourcefire backs all classes with the following student and turnover guarantees:

  • Student Guarantee: Students may retake the same class/same version once within 6 months of the original class attended at no extra charge
  • Turnover Guarantee: Any company that enrolls an employee in a Sourcefire class, who leaves the company in 60 days of the original class date, may enroll one additional employee in the same class/version within 6 months of the original student's class at no extra charge

Guarantees are subject to space availability and require a 60-day prior notice and must be in the same product release number/version. A supplementary charge for new student manuals will be assessed if the student manuals distributed with the original enrollment are not used by the returning or turnover student. An authorized letter is required from the Companyˇ¦s Human Resources department when a turnover guarantee is executed. All guarantees must be utilized in a Sourcefire training facility on the posted scheduled dates.

 Building and Operating Snort Understanding and Writing Snort Rules Schedule and Registration
Terms of Use | Privacy Policy ©2005 Snort and Sourcefire are registered trademarks of Sourcefire, Inc. All rights reserved.